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1. (Currently Amended) A computer-implemented process for 
assessing the vulnerability of a workstation to a security compromise, comprising the 
steps: 

issuing a request for a scanner from a browser operating on the 
workstation to a network server via a computer network; 

transmitting the scanner from the network server to the workstation 
via the computer network, the scanner installable within the browser and operative to 
complete a vulnerability assessment of the workstation to identify security vulnerabilities 
of the workstation that can compromise secure operation of the workstation on the 
computer network; 

generating workstation credentials derived from the scanner 
conducting the vulnerability assessment of the workstation, the workstation credentials 
comprising at least one of information about integrity of the workstation and a security 
posture of the workstation; 

comparing the workstation credentials to a workstation policy; 

authenticating a workstation for access to the network server by 
granting the workstation access to one or more services available on the network server if 
the workstation credentials derived from the scanner are in compliance with the 
workstation policy; 

if access to the one or more services available on the network 
server is granted to the workstation because the workstation credentials are in compliance 
with the workstation policy, issuing a request for credentials associated with a user; 

receiving credentials associated with a user; and 
authenticating a user of the workstation for access to the network 
server after authenticating the workstation for access to the network server by 
determining if the user is authorized to access the one or more services available on the 
network server [[by]] through evaluating the credentials associated with the user. 
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2. (Original) The computer-implemented process of Claim 1 further 
comprising the step of presenting the workstation credentials to the user of the 
workstation. 

3. (Original) The computer-implemented process of Claim 1 further 
comprising the step of transmitting the workstation credentials to the network server via 
the computer network. 

4. (Original) The computer-implemented process of Claim 1 further 
comprising the step of completing a repair operation by the scanner to address a security 
vulnerability identified by the scanner in response to completing the vulnerability 
assessment of the workstation. 

5. (Original) The computer- implemented process of Claim 1 wherein the 
scanner comprises a plug-in control operable with the browser and a data file defining 
security vulnerabilities. 

6. (Original) The computer-implemented process of Claim 1, wherein the 
step of issuing a request for a scanner comprises the browser issuing a request for a Web 
page at the network server, the Web page hosting the scanner as a plug-in control 
available for installation with the browser. 

7. (Original) A computer-readable medium comprising the computer- 
implemented process of Claim 1 . 
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8. (Currently Amended) A computer-implemented process for 
authenticating a workstation requesting a software service, comprising the steps: 

issuing a request for a scanner to a network server from a browser 
operating on the workstation; 

transmitting the scanner and a workstation policy from the network 
server to the workstation via the computer network, the scanner installable within the 
browser and operative to generate workstation credentials by completing a vulnerability 
assessment of the workstation, the workstation credentials comprising at least one of 
information about integrity of the workstation and a security posture of the workstation; 

comparing the workstation credentials to the workstation policy on 
the workstation to determine whether the workstation should be granted access to the 
software service; 

authenticating a workstation for access to the software service by 
granting the workstation access to the software service available on the network server if 
the workstation credentials derived from the scanner are in compliance with the 
workstation policy; and 

if access to the software service is granted to the workstation 
because the workstation credentials are in compliance with the workstation policy, 
authenticating a user of the workstation for access to the software service after 
authenticating the workstation for access to the software service by issuing a request for 
user authentication in order to determine if a user of the workstation is authorized to 
access the software service available on the network server. 

9. (Original) The computer-implemented process of Claim 8, wherein the 
step of issuing a request for a scanner comprises the browser issuing a request for a Web 
page at the network server, the Web page hosting the scanner as a control operable with 
the browser. 

10. (Original) A computer-readable medium comprising the process of 

Claim 8. 
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11. (Currently Amended) A computer-implemented process for 
authenticating a workstation requesting a network service from a network server via a 
computer network, comprising the steps: 

issuing a request for a scanner to the network server from a 
browser operating on the workstation; 

transmitting the scanner from the network server to the workstation 
via the computer network, the scanner installable within the browser and operative to 
generate workstation credentials by completing a vulnerability assessment of the 
workstation to identify security vulnerabilities that would compromise the secure 
operation of the workstation on the computer network, the workstation credentials 
comprising at least one of information about integrity of the workstation and a security 
posture of the workstation; 

transmitting the workstation security credentials from the scanner 
to the network server via the computer network; 

determining at the network server whether the workstation should 
be granted access to a network service of the network based on the workstation 
credentials; and 

authenticating a workstation for access to the network service by 
granting the workstation access to the network service if the workstation credentials 
derived from the scanner are in compliance with the workstation policy; and 

if access is granted to the workstation for the network service 
because the workstation credentials are in compliance with the workstation policy, 
authenticating a user of the workstation for access to the network service after 
authenticating the workstation for access to the network service by issuing a request for 
information relating to user authentication in order to determine if the user is authorized 
to access the network service. 
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12. (Previously Presented) The computer-implemented process recited by 
Claim 1 1 wherein the network server comprises a CGI script and the step of determining 
whether the workstation should be granted access to the network service comprises the 
CGI script comparing the workstation credentials to a workstation security policy 
maintained at the network server to determine whether the workstation should be granted 
access to the network service; 

wherein granting the workstation access to the network service 
comprises directing the browser to the log-in page via the computer network; 

if the workstation credentials do not match the workstation security 
policy, then denying access to the network service and delivering an access denied page 
to the workstation via the computer network. 

13. (Original) A computer-readable medium comprising the computer- 
implemented process of Claim 1 1 . 

14. (Original) The computer-implemented process of Claim 11, wherein 
the step of issuing a request for a scanner comprises the browser issuing a request for a 
Web page at the network server, the Web page hosting the scanner as a plug-in control 
available for installation with the browser. 

15. (Previously Presented) The computer-implemented process of Claim 
1, further comprising receiving credentials associated with a user from the browser. 

16. (Cancelled) 

17. (Previously Presented) The computer-implemented process of Claim 
8, further comprising receiving credentials associated with a user from the browser. 

18. (Previously Presented) The computer-implemented process of Claim 
17, further comprising authenticating the user based on the credentials. 



-6- 



Application Serial No. 09/665,018 



19. (Previously Presented) The computer-implemented process of Claim 
1 1, further comprising receiving credentials associated with a user from the browser. 

20. (Previously Presented) The computer-implemented process of Claim 
19, further comprising authenticating the user based on the credentials. 
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